Re: change email in PGP public key

2002-08-20 Thread Allie C Martin 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

In <[EMAIL PROTECTED]">mid:[EMAIL PROTECTED]>,
Norbert Luckhardt [NL] wrote:'

NL> that sure was unclear: I meant using this UID to find the
NL> appropriate key to encrypt for a given e-mail address (which
NL> corresponds to that UID)

Ok.

NL> e.g. when I have two keys in my keyring with each of them
NL> bearing a particular e-mail address, then it's hard to tell,
NL> which one a front-end will choose to use... there may be
NL> different strategies (using the newer UID by date, checking the
NL> self-signature or not, ask the user, ...)

Usually it's the first key found bearing the exact UID.

- --
Allie C Martin \  TB! v1.62/Beta1 & Windows XP Pro
 List Moderator/   PGP Key - http://pub-key.ac-martin.com
'
-BEGIN PGP SIGNATURE-

iD8DBQE9Ys04V8nrYCsHF+IRAkUEAKCzjL4k8zcbNnw1K55L7zOAgO18QgCfeW2b
MWLmsVYR//B7gSM1HSEcsdE=
=2rLr
-END PGP SIGNATURE-


__
Archives   : http://tbtech.thebat.dutaint.com
Moderators : mailto:[EMAIL PROTECTED]
Unsubscribe: mailto:[EMAIL PROTECTED]

Re[2]: change email in PGP public key

2002-08-20 Thread Norbert Luckhardt 

hi Allie,

NL>> more badly You cannot revoke a UID but only the self signature
NL>> on it (which may or may not prevent users from encrypting to
NL>> this UID)

> Encrypting to the UID? What do you mean by this?

that sure was unclear: I meant using this UID to find the appropriate
key to encrypt for a given e-mail address (which corresponds to that
UID)

e.g. when I have two keys in my keyring with each of them bearing a
particular e-mail address, then it's hard to tell, which one a
front-end will choose to use... there may be different strategies
(using the newer UID by date, checking the self-signature or not, ask
the user, ...)

> I'm thinking of revoking the key on the keyservers and continue to
> distribute it through a URL link with all messages that I sign.

as Dierk Haasis already mentioned: don't do this! anyone who
synchronizes with the keyservers cannot use Your key anymore...

-- 
kind regards, Shalom
NOrbert
using TB 1.61


__
Archives   : http://tbtech.thebat.dutaint.com
Moderators : mailto:[EMAIL PROTECTED]
Unsubscribe: mailto:[EMAIL PROTECTED]

Re: LDAP attribute PKCS#12

2002-08-20 Thread Marck D Pearlstone 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi Alexander,

@20-Aug-2002, 15:39 +0600 (10:39 UK time) Alexander Leschinsky [AL]
in [EMAIL PROTECTED]">mid:[EMAIL PROTECTED] said:

AL> SOT

AL> Can anybody help me with correct schema definition for storing
AL> The Bat addressbooks field Certificate ("userPKCS12;binary:" in
AL> The Bat LDIF scheme) into OpenLDAP?

AL> Plain and simpliest way - useless, because, after RTFM

 ... 

AL> I can't correlate 1-st paragraph with second :-(

I'm not surprised! Is this any clearer?

,-=[ http://ldap.akbkhome.com/attribute/userPKCS12.html ]=-<
 Ldap Schema Viewer

 Attribute: userPKCS12
 Description: PKCS #12 PFX PDU for exchange of personal identity
 information
 PKCS #12 [PKCS12] provides a format for exchange of personal
 identity information. When such information is stored in a
 directory service, the userPKCS12 attribute should be used. This
 attribute is to be stored and requested in binary form, as
 'userPKCS12;binary'. The attribute values are PFX PDUs stored as
 octetStrings.

 [PKCS12]
 "PKCS #12: Personal Information Exchange Standard", Version 1.0
 DRAFT, 30 April 1997.

 BNC Syntax: 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' DESC 'PKCS
 #12 PFX PDU for exchange of personal identity information' SYNTAX
 1.3.6.1.4.1.1466.115.121.1.40 )

 rfc2798
 Syntax: Octet String
 ID : 1.3.6.1.4.1.1466.115.121.1.40

 Values in this syntax are encoded as octet strings.
 Example:
`|

- --
Cheers -- .\\arck D Pearlstone -- List moderator
TB! v1.61 on Windows 2000 5.0.2195 Service Pack 2

-BEGIN PGP SIGNATURE-
Version: 6.5.8ckt build 09 beta 3

iQA/AwUBPWIqvjnkJKuSnc2gEQI07gCg6UKkoWKaCCgKYCKKB43kQGJmfRIAni/8
zSFRbhrPNkg02UIkm3yF++4b
=UHju
-END PGP SIGNATURE-



__
Archives   : http://tbtech.thebat.dutaint.com
Moderators : mailto:[EMAIL PROTECTED]
Unsubscribe: mailto:[EMAIL PROTECTED]

LDAP attribute PKCS#12

2002-08-20 Thread Alexander Leschinsky 

Hello tbtech,

SOT

Can anybody help me with correct schema definition for storing The Bat
addressbooks field Certificate ("userPKCS12;binary:" in The Bat LDIF
scheme) into OpenLDAP?

Plain and simpliest way - useless, because, after RTFM

->8-- from WinClipboard
# userPKCS12
# PKCS #12 [PKCS12] provides a format for exchange of personal identity
# information.  When such information is stored in a directory service,
# the userPKCS12 attribute should be used. This attribute is to be stored
# and requested in binary form, as 'userPKCS12;binary'.  The attribute
# values are PFX PDUs stored as binary data.

## OpenLDAP note: ";binary" transfer should NOT be used as syntax is
binary attributetype ( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12'
DESC 'RFC2798: PKCS #12 PFX PDU for exchange of personal identity
information' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )

->8
I can't correlate 1-st paragraph with second :-(

-- 
Best regards,
 Alexander Leschinsky

- MOTD:
Better to write for yourself and have no public, than to write for the public and have 
no self.
Cyril Connolly



__
Archives   : http://tbtech.thebat.dutaint.com
Moderators : mailto:[EMAIL PROTECTED]
Unsubscribe: mailto:[EMAIL PROTECTED]